<?php
App::uses('AppController', 'Controller');
/**
 * Users Controller
 *
 * @property User $User
 */
class UsersController extends AppController {

    function beforeFilter() {
        parent::beforeFilter();

        $this->Auth->allow(array('add', 'edit', 'view', 'delete'));
    }
/**
 * view method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
    public function view($id = null) {
        if (!$this->User->exists($id)) {
            throw new NotFoundException(__('Invalid user'));
        }
        $options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
        $this->set('user', $this->User->find('first', $options));
    }

/**
 * add method
 *
 * @return void
 */
    public function add() {
        if ($this->request->is('post')) {
            $this->User->create();
            if ($this->User->save($this->request->data)) {
                $this->Session->setFlash(__('The user has been saved'));
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash(__('The user could not be saved. Please, try again.'));
            }
        }
        $groups = $this->User->Group->find('list');
        $this->set(compact('groups'));
    }

/**
 * edit method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
    public function edit($id = null) {
        if (!$this->User->exists($id)) {
            throw new NotFoundException(__('Invalid user'));
        }
        if ($this->request->is('post') || $this->request->is('put')) {
            if ($this->User->save($this->request->data)) {
                $this->Session->setFlash(__('The user has been saved'));
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash(__('The user could not be saved. Please, try again.'));
            }
        } else {
            $options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
            $this->request->data = $this->User->find('first', $options);
        }
        $groups = $this->User->Group->find('list');
        $this->set(compact('groups'));
    }

/**
 * delete method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
    public function delete($id = null) {
        $this->User->id = $id;
        if (!$this->User->exists()) {
            throw new NotFoundException(__('Invalid user'));
        }
        $this->request->onlyAllow('post', 'delete');
        if ($this->User->delete()) {
            $this->Session->setFlash(__('User deleted'));
            $this->redirect(array('action' => 'index'));
        }
        $this->Session->setFlash(__('User was not deleted'));
        $this->redirect(array('action' => 'index'));
    }

/**
 * admin_index method
 *
 * @return void
 */
    public function admin_index() {
        $this->User->recursive = 0;
        $this->set('users', $this->paginate());
    }

/**
 * admin_view method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
    public function admin_view($id = null) {
        if (!$this->User->exists($id)) {
            throw new NotFoundException(__('Invalid user'));
        }
        $options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
        $this->set('user', $this->User->find('first', $options));
    }

/**
 * admin_add method
 *
 * @return void
 */
    public function admin_add() {
        if ($this->request->is('post')) {
            $this->User->create();
            if ($this->User->save($this->request->data)) {
                $this->Session->setFlash(__('The user has been saved'));
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash(__('The user could not be saved. Please, try again.'));
            }
        }
        $groups = $this->User->Group->find('list');
        $this->set(compact('groups'));
    }

/**
 * admin_edit method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
    public function admin_edit($id = null) {
        if (!$this->User->exists($id)) {
            throw new NotFoundException(__('Invalid user'));
        }
        if ($this->request->is('post') || $this->request->is('put')) {
            if ($this->User->save($this->request->data)) {
                $this->Session->setFlash(__('The user has been saved'));
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash(__('The user could not be saved. Please, try again.'));
            }
        } else {
            $options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
            $this->request->data = $this->User->find('first', $options);
        }
        $groups = $this->User->Group->find('list');
        $this->set(compact('groups'));
    }

/**
 * admin_delete method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
    public function admin_delete($id = null) {
        $this->User->id = $id;
        if (!$this->User->exists()) {
            throw new NotFoundException(__('Invalid user'));
        }
        $this->request->onlyAllow('post', 'delete');
        if ($this->User->delete()) {
            $this->Session->setFlash(__('User deleted'));
            $this->redirect(array('action' => 'index'));
        }
        $this->Session->setFlash(__('User was not deleted'));
        $this->redirect(array('action' => 'index'));
    }

     public function login() {


        if ($this->Session->read('Auth.User')) {
       // $this->Session->setFlash('You are logged in!');
        $this->redirect('/', null, false);
        }

        if ($this->request->is('ajax')) {
            $this->disableCache();
            $this->autoRender = false;
            //$this->layout = 'ajax';
            if ($this->Auth->login()) {
                //var_dump($this->controller);die;
                $users_username = $this->Auth->user('username');
            } else {

                echo "Username or password is incorrect";
            }
        } else if ($this->request->is('post')) {
            if ($this->Auth->login()) {
                return $this->redirect(array(
                    'controller' => 'pages',
                    'action' => 'home'
                ));
            } else {
                $this->redirect(array(
                    'controller' => 'pages',
                    'action' => 'home'
                ));
                $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
            }
        }
}
     public function admin_login() {
    if ($this->Session->read('Auth.User')) {
        $this->Session->setFlash('You are logged in!');
        $this->redirect(array('controller'=>'products', 'action'=>'index'));
    }

    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            $this->redirect($this->Auth->redirect());
            } else {
            $this->Session->setFlash('Your username or password was incorrect.');
          }
        }
    }

    public function logout() {
        // $this->Session->setFlash('Good-Bye');
        $this->Auth->logout();
        $this->redirect('/', null, false);
    }
    public function admin_logout() {
        $this->Session->setFlash('Good-Bye');
        $this->Auth->logout();
        $this->redirect(array('controller'=>'users', 'action'=>'login'));
    }

    public function permission() {
        $group = $this->User->Group;
        //Allow admins to everything
        $group->id = 1;
        $this->Acl->allow($group, 'controllers');

        //Allow manager
        $group->id = 2;
        $this->Acl->allow($group, 'controllers');
        $this->Acl->deny($group, 'controllers/Groups/add');

        //allow superuser
        $group->id = 3;
        $this->Acl->deny($group, 'controllers');
        $this->Acl->allow($group, 'controllers/Posts');
        $this->Acl->allow($group, 'controllers/Banners');
        $this->Acl->allow($group, 'controllers/Carts');
        $this->Acl->allow($group, 'controllers/Comments');
        $this->Acl->allow($group, 'controllers/ImageProducts');
        $this->Acl->allow($group, 'controllers/Images');
        $this->Acl->allow($group, 'controllers/ImageSpareParts');
        $this->Acl->allow($group, 'controllers/Orders');
        $this->Acl->allow($group, 'controllers/ProductSales');
        $this->Acl->allow($group, 'controllers/Products');
        $this->Acl->allow($group, 'controllers/ProductSpareParts');
        $this->Acl->allow($group, 'controllers/Providers');
        $this->Acl->allow($group, 'controllers/Rates');
        $this->Acl->allow($group, 'controllers/Sales');
        $this->Acl->allow($group, 'controllers/Searches');
        $this->Acl->allow($group, 'controllers/SpareParts');

        //allow users
        $group->id = 4;
        $this->Acl->deny($group, 'controllers');
        // $this->Acl->allow($group, 'controllers/users/logout');
        $this->Acl->allow($group, 'controllers/Posts/add');
        $this->Acl->allow($group, 'controllers/Posts/edit');
        $this->Acl->allow($group, 'controllers/Carts/add');
        $this->Acl->allow($group, 'controllers/Carts/edit');
        $this->Acl->allow($group, 'controllers/Comments/add');
        $this->Acl->allow($group, 'controllers/Comments/edit');
        $this->Acl->allow($group, 'controllers/Orders/add');
        $this->Acl->allow($group, 'controllers/Orders/edit');
        $this->Acl->allow($group, 'controllers/Rates/add');
        $this->Acl->allow($group, 'controllers/Searches');
        //we add an exit to avoid an ugly "missing views" error message
        echo "all done";
        exit;
    }
}
